Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service
From: John GALLET (john.gallet_at_wanadoo.fr)
Date: 05/27/05
- Previous message: Eyal Udassin: "Citrix security contact"
- In reply to: Martin Schulze: "[SECURITY] [DSA 729-1] New PHP4 packages fix denial of service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 27 May 2005 10:24:43 +0200 (CEST) To: bugtraq@securityfocus.com
Hi there,
> An iDEFENSE researcher discovered two problems in the image processing
> functions of PHP, a server-side, HTML-embedded scripting language, of
> which one is present in woody as well. When reading a JPEG image, PHP
> can be tricked into an endless loop due to insufficient input
> validation.
I don't see anything in the latest change logs, could anyone please point
me to more information about this error ? Is it located in the GD php
extension ?
Sincerely,
JG
- Previous message: Eyal Udassin: "Citrix security contact"
- In reply to: Martin Schulze: "[SECURITY] [DSA 729-1] New PHP4 packages fix denial of service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
